Wednesday, June 10, 2015




Complete DHS Report for June 10, 2015

Daily Report

Top Stories

 · Pacific Gas & Electric Co. officials reported that at least 65,000 homes and businesses lost power across the San Francisco Bay Area for over 3 hours June 8-9 in heat-related outages. – San Francisco Chronicle

1. June 9, San Francisco Chronicle – (California) Power outages hit 65,000 in Bay Area, slow BART. Pacific Gas & Electric Co. officials reported that at least 65,000 homes and businesses lost power across the San Francisco Bay Area for over 3 hours June 8 – 9 in heat-related outages, including an East Bay blackout reportedly caused by a squirrel in an El Cerrito substation that knocked power out to 45,000 customers and the Downtown Berkeley Bay Area Rapid Transit (BART) station. The heat also affected BART service on the Daly City line. Source: http://www.sfgate.com/bayarea/article/Power-outages-hit-thousands-in-San-Jose-East-Bay-6314969.php

 · The U.S. Department of Agriculture reported June 8 that liquid, dried, and frozen egg products will be imported from the Netherlands due to a shortage caused by the spread of the avian flu. – KCCI 8 Des Moines

11. June 8, KCCI 8 Des Moines – (Iowa) New bird flu cases emerge; U.S. to import egg products from Netherlands. The U.S. Department of Agriculture reported June 8 that egg products such as liquid, dried, and frozen eggs will be imported from the Netherlands due to a shortage caused by the spread of avian flu. Source: http://www.kcci.com/news/new-bird-flu-cases-emerge-us-to-import-egg-products-from-netherlands/33474372

 · Crews are working to install a temporary water line to service 250 Logan County, Colorado residents that have been without running water due to a main break during the week of June 1. – KUSA 9 Denver (See item 13)

13. June 8, KUSA 9 Denver – (Colorado) Colo. town without water for more than a week. Crews are working to install a temporary line to get water running for 250 residents of Logan County who have had no access to running water service since a water main break occurred the week of June 1. The temporary line is expected to be finished by the week of June 15 and a permanent solution will take several months, leaving residents to rely on drinking water from Red Cross and nearby towns. Source: http://www.9news.com/story/news/local/2015/06/08/ne-colorado-town-of-iliff-without-water-for-more-than-a-week/28706837/

 · The White House Office of Management and Budget issued the HTTPS-Only Standard directive June 8, requiring all public Federal Web sites to switch to HTTPS connections by December 31, 2016. – White House Office of Management and Budget (See item 27 below in the Information Technology Sector)

Financial Services Sector

4. June 9, Bay Area News Group – (National) RPM Mortgage fined $20 million over loan scheme. The U.S. Consumer Financial Protection Bureau issued $20 million in fines June 8 to RPM Mortgage and the company’s CEO following allegations that he paid employees bonuses to place clients in loans with higher interest rates from 2011 – 2013. RPM Mortgage agreed to settle the allegations without admitting wrongdoing. Source: http://www.santacruzsentinel.com/business/20150608/rpm-mortgage-fined-20-million-over-loan-scheme

For another story, see item 26 below in the Information Technology Sector

Information Technology Sector

23. June 9, BBC – (International) Cyber-thieves cash in from malware. Security researchers at Trustwave reported that cyber-thieves can earn almost 1,500 percent potential profit from ransomware kits by spending approximately $5,900 on kits that could earn about $90,000 a month in an attack campaign via a compromised Web site. Source: http://www.bbc.com/news/technology-33048949

24. June 9, Softpedia – (International) HDD firmware altering modules from Equation Group may exist for Apple devices. Security researchers from the Intel Corporation’s McAfee Labs analyzed samples of EquationDrug hard-drive reprogramming modules in their May McAfee Labs Threats Report and found indications that versions of the module exist for Apple iOS and OS X systems, as well as Microsoft Windows. Source: http://news.softpedia.com/news/HDD-Firmware-Altering-Modules-from-Equation-Group-May-Exist-for-Apple-Devices-483763.shtml

25. June 9, Reuters – (International) High-tech extortion attacks nearly doubled in first quarter, report says. Findings from the Intel Corporation’s May McAfee Labs Threats Report revealed that high-tech extortion schemes via ransomware surged by 165 percent to 700,000 samples in the first quarter of 2015, and that Adobe Flash malware increased by 317 percent to 200,000 samples. Source: http://www.reuters.com/article/2015/06/09/us-cybersecurity-ransomware-idUSKBN0OP09P20150609

26. June 8, SC Magazine – (International) Vawtrak banking malware found to use Tor2Web. Security researchers from Fortinet reported that the Vawtrak banking malware, also known as Neverquest, is using Tor2Web as a method to steal banking credentials undetected by accessing Tor anonymous network sources without directly connecting to the network or using a Tor client. The malware typically used fixed command-and-control (C&C) servers, which are easier to trace. Source: http://www.scmagazine.com/fortinet-posts-new-vawtrak-blog-post/article/419355/

27. June 8, White House Office of Management and Budget – (International) HTTPS-everywhere for government. The White House Office of Management and Budget issued the HTTPS-Only Standard directive June 8, requiring that all publicly accessible Federal Web sites and Web services only provide service through Hyper Text Transfer Protocol Secure (HTTPS) connections by December 31, 2016. The U.S. Chief Information Officer set up a Web site to provide technical assistance and best practices for migration as well as a public dashboard to monitor progress. Source: https://www.whitehouse.gov/blog/2015/06/08/https-everywhere-government

For additional stories, see item 2 below from the Energy Sector, item 15 below from the Healthcare and Public Health Sector, and item 18 below from the Government Facilities Sector

2. June 8, Securityweek – (International) XZERES fixes CSRF vulnerability in small wind turbine. XZERES Wind released a patch to address a cross-site request forgery (CSRF) vulnerability in the web-based interface of its 442SR wind turbine that a remote attacker could use to hijack user sessions and cause a loss of power for all attached systems. Source: http://www.securityweek.com/xzeres-fixes-csrf-vulnerability-small-wind-turbine

15. June 8, Threatpost – (National) Many drug pumps open to variety of security flaws. A security researcher revealed severe vulnerabilities in several drug-infusion pumps manufactured by Hospira, including the Plum A+, PCA LifeCare, and Symbiq pumps, which run the same software as the known-susceptible PCA3 and PCA5 pumps. An unauthenticated remote root shell and hard-coded local credentials are among the vulnerabilities that leave the devices open to security risks. Source: https://threatpost.com/many-drug-pumps-open-to-variety-of-security-flaws/113202

18. June 8, Securityweek – (National) US Army website hacked: officials. The U.S. Army’s official Web site was shut down June 8 after hackers claiming to be affiliated with the “Syrian Electronic Army” posted messages denouncing U.S. training of rebel fighters in Syria. No classified or personal data was housed on the Web site, and officials reported that no data was stolen. Source: http://www.securityweek.com/us-army-website-hacked-officials

Communications Sector

See item 24 above in the Information Technology Sector